Introduction
The main function of PDF Signer is to sign PDF documents using X.509 digital certificates.
Using this product you can quickly sign multiple PDF files (bulk sign) by selecting input and
output directory. This is ideal for bulk signing of a large number of corporate documents rather
than signing each one individually.
The positioning of the signature appearance is configurable, plus on which pages of the
document it should appear (first page, last page or all pages).
Links
PDF Signer main page: http://www.signfiles.com/pdf-signer/
Download PDF Signer (Free 15-Day Trial): http://www.signfiles.com/apps/PDFSigner.msi
Trademarks
.NET, Visual Studio .NET are trademarks of Microsoft Inc.
Adobe, Adobe Reader are trademarks of Adobe Systems Inc.
All other trademarks are the property of their respective owners.
Digital Certificates.....................................................................................................................3
Digital Certificate Location................................................................................................................................. 3
Select the Digital Certificate for Creating PDF Signatures.................................................................................4
Create a Digital Certificate................................................................................................................................. 5
Validating Digital Signatures in Adobe............................................................................................................... 6
Time Stamping.........................................................................................................................14
Time Stamp the PDF Digital Signature............................................................................................................ 14
Nonce and Policy............................................................................................................................................. 14
Validating the Time Stamp Response on Adobe.............................................................................................. 15
Encryption................................................................................................................................16
LTV Signatures (Long Term Validation)................................................................................18
Product Registration...............................................................................................................19
Batch Signatures (Automatically Made Without User Intervention)..................................21
Custom Configuration...................................................................................................................................... 21
Digital Certificates
Digital Certificate Location
To digitally sign a PDF file a digital certificate is needed. The digital certificates are stored in
two places:
in Microsoft Store
in PFX on P12 files
The certificates stored on Microsoft Store are available by opening Internet Explorer Tools
menu Internet Options Content tab Certificates button (see below).
For PDF digital signatures, the certificates stored on Personal tab are used. These certificates
have a public and a private key.
The digital signature is created by using the private key of the certificate. The private key can
be stored on the file system (imported PFX files), on an cryptographic smart card (like Aladdin
eToken or SafeNet iKey) or on a HSM (Hardware Security Module).
Another way to store a digital certificate is a PFX (or P12) file. This file contain the public and
the private key of the certificate. This file is protected by a password in order to keep safe the
key pair.
Note that a PFX file can be imported on Microsoft Store (just open the PFX file and follow the
wizard).
To obtain a digital certificate (in PFX format) follow this link:
https://ca.signfiles.com/userEnroll.aspx
Valid signature
The default digital signature text contains information extracted from the signing certificate,
signing date, signing reason and signing location but the digital signature text can be easily
customized.
Signature text
2. Image as background,
Certified signature
Note that some revocation information files (CRL) are very large so resulting signed file will
proportionally larger.
PDF Signer will try to include CRL for every digital certificate from the chain.
PDF/A Standard
PDF/A is a file format for the long-term archiving of electronic documents. It is based on the
PDF Reference Version 1.4 from Adobe Systems Inc. (implemented in Adobe Acrobat 5 and
latest versions) and is defined by ISO 19005-1:2005.
PDF Signer can digitally sign PDF/A files.
Observation: In order to save a PDF/A file, all fonts used on the PDF document must be
embedded (including the font used on the digital signature rectangle). The digital signature
font can be set on the Signature Appearance section.
Time Stamping
Time Stamp the PDF Digital Signature
Timestamping is an important mechanism for the long-term preservation of digital signatures,
time sealing of data objects to prove when they were received, protecting copyright and
intellectual property and for the provision of notarization services.
To add time stamping information to the PDF digital signature you will need access to a RFC
3161 time stamping server.
A fully functional version of our TSA Authority is available for testing purposes at this link:
http://ca.signfiles.com/TSAServer.aspx (no credentials are needed).
The Time Stamping options can be configured on the Time Stamping section.
Encryption
If you want to protect the signed document by preventing actions like printing or content
copying you must encrypt it. The document can be encrypted using passwords from
Encryption section.
Encryption settings
If the PDF document is signed and encrypted with an User Password, when the document is
opened in PDF reader, the PDF document password must be entered.
Owner Password is used to set the password that protects the PDF document for printing or
content copying.
When the signed and encrypted document is opened in a PDF reader, the security settings
are shown like below.
In order to have a LTV signature, be sure that on the Digital Certificates settings, the
checkbox Include certificate revocation information Long Term signature (LTV) is checked.
Product Registration
To register the product you will need a serial number. It can be purchased online directly form
the product mail page.
After you will obtain your serial number, open PDF Signer and click Register Now button.
To automatically sign a folder that contains PDF files, using a custom configuration, use the
following command:
"PDF Signer.exe" c:\InputFolder c:\OutputFolder c:\config-client2.xml
SignLib.Certificates.X509CertificateGenerator("serial